Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 13 Oct 2008 15:00:40 GMT
From:      Sergey Matveychuk <sem@FreeBSD.org>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   bin/128064: [ipfw][patch] ipfw -n nat N config caused error
Message-ID:  <200810131500.m9DF0eaF065608@www.freebsd.org>
Resent-Message-ID: <200810131510.m9DFA4PB053012@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         128064
>Category:       bin
>Synopsis:       [ipfw][patch] ipfw -n nat N config caused error
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Oct 13 15:10:04 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Sergey Matveychuk
>Release:        
>Organization:
>Environment:
ipfw(8) does not check for -n flag when configured nat.
>Description:
ipfw -n nat N config <anything> caused an error because of an infinity loop.

When -n flag specified ipfw should not do anything except syntax analyze.
>How-To-Repeat:
# ipfw -n nat 1 config if em0
ipfw: realloc: Cannot allocate memory


>Fix:
When it does nat config, it tries to show a result rule. 
pipe/queue config does not show resuls. I think nat config should not too. A patch in an attach.

But If a committer who'll take the PR is not agree with me, he can apply a patch bellow:

--- ipfw2.c.orig        2008-10-13 18:47:14.000000000 +0400
+++ ipfw2.c     2008-10-13 18:51:43.000000000 +0400
@@ -4067,6 +4067,9 @@
        if (i)
                err(1, "setsockopt(%s)", "IP_FW_NAT_CFG");

+       if (test_only)
+               return;
+
        /* After every modification, we show the resultant rule. */
        int _ac = 3;
        char *_av[] = {"show", "config", id};


Patch attached with submission follows:

--- ipfw2.c.orig	2008-10-13 18:47:14.000000000 +0400
+++ ipfw2.c	2008-10-13 18:53:25.000000000 +0400
@@ -3855,9 +3855,6 @@
 }
 
 static void
-show_nat(int ac, char **av);
-
-static void
 print_nat_config(char *buf) {
 	struct cfg_nat *n;
 	int i, cnt, flag, off;
@@ -4066,11 +4063,6 @@
 	i = do_cmd(IP_FW_NAT_CFG, buf, off);
 	if (i)
 		err(1, "setsockopt(%s)", "IP_FW_NAT_CFG");
-
-	/* After every modification, we show the resultant rule. */
-	int _ac = 3;
-	char *_av[] = {"show", "config", id};
-	show_nat(_ac, _av);
 }
 
 static void


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200810131500.m9DF0eaF065608>